<?php
class Common_Service_Verfication
{
	public function __construct(){
		
	}
	/**
	 * @param string $module
	 * @param string $controller
	 * @param string $action
	 * @param int $userId
	 * @return bool(true | false) 
	 */

    public static function check($userId, $module, $controller, $action, $param = "") {
    	//echo $module."-". $controller."-".$action;exit;
    	
        $param = $param?"/".$param:"";
        $module = strtolower(str_replace('-','',$module));
        $controller = strtolower(str_replace('-','',$controller));
        $action = strtolower(str_replace('-','',$action));
        $param = strtolower(str_replace('-','',$param));
        
        //获取用户与权限的对应  
        $userRight = User_Service_RightMap::getRightByUserid($userId);
        
        $userRightIdArr = $userRightIdArr2 = array();
        if(count($userRight)){
        	foreach ($userRight as $key => $val){
         		$userRightIdArr[] = $val['ur_id'];        	
        	}
        }
        
        //获取用户职位对应的默认权限
		$mapObj = new User_Service_PositionRightMap();
		$userInfo = User_Service_User::getByUserId($userId);	//读取用户信息
		$positionRightsMap = $mapObj->getByPid($userInfo['up_id']);
		if(is_array($positionRightsMap) && $positionRightsMap){
			foreach ($positionRightsMap as $key =>$val){
				$userRightIdArr2[] = $val['ur_id'];
			}
			$userRightIdArr = array_merge($userRightIdArr,$userRightIdArr2);
			$userRightIdArr = array_unique($userRightIdArr);			
		}
        
        //根据请求地址获取 action 信息
        $actionRow = User_Service_Action::getRowByMCA($module,$controller,$action);		
        if(!$actionRow){return false;}
        $rightActionRow = User_Service_Rightactionmap::getByUraid($actionRow['ura_id']);
        
		if(count($rightActionRow)){
			foreach ($rightActionRow as $key => $val ){
        		if(in_array($val['ur_id'],$userRightIdArr)){        			
        			return true;
        		}
        	}
		}
        
		return false;
	}
}

?>